Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/0DFAC04CFBD111EE98310A1FC4F9AE02.roa
File: 0DFAC04CFBD111EE98310A1FC4F9AE02.roa (raw, json)
Hash identifier: cSSOeh0L3e6MVyyFjc0GVaUPBNAV3p/A1y8Qh2mJNdU=
Subject key identifier: 96:AC:E2:02:CE:7E:53:36:16:97:91:AD:B4:FD:C3:73:73:76:C1:BC
Certificate issuer: /CN=A911CA78/serialNumber=40562C143A29CB19C70FFC9B99B60BBECD1D73B6
Certificate serial: 0B93
Authority key identifier: 40:56:2C:14:3A:29:CB:19:C7:0F:FC:9B:99:B6:0B:BE:CD:1D:73:B6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/0DFAC04CFBD111EE98310A1FC4F9AE02.roa
Signing time: Sun 30 Jun 2024 12:28:08 +0000
ROA not before: Sun 30 Jun 2024 12:28:08 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 18206
IP address blocks: 49.236.192.0/24 maxlen: 24
49.236.193.0/24 maxlen: 24
49.236.194.0/24 maxlen: 24
49.236.195.0/24 maxlen: 24
49.236.197.0/24 maxlen: 24
49.236.199.0/24 maxlen: 24
49.236.203.0/24 maxlen: 24
49.236.204.0/24 maxlen: 24
112.137.160.0/24 maxlen: 24
112.137.161.0/24 maxlen: 24
112.137.162.0/24 maxlen: 24
112.137.169.0/24 maxlen: 24
112.137.170.0/24 maxlen: 24
112.137.172.0/24 maxlen: 24
112.137.173.0/24 maxlen: 24
112.137.175.0/24 maxlen: 24
119.110.97.0/24 maxlen: 24
119.110.99.0/24 maxlen: 24
119.110.102.0/24 maxlen: 24
119.110.107.0/24 maxlen: 24
119.110.108.0/24 maxlen: 24
124.197.224.0/20 maxlen: 20
124.197.224.0/22 maxlen: 22
124.197.224.0/24 maxlen: 24
124.197.225.0/24 maxlen: 24
124.197.233.0/24 maxlen: 24
124.197.238.0/24 maxlen: 24
124.197.239.0/24 maxlen: 24
202.75.45.0/24 maxlen: 24
202.162.0.0/19 maxlen: 24
202.165.0.0/19 maxlen: 24
203.153.80.0/20 maxlen: 24
210.48.144.0/20 maxlen: 20
210.48.146.0/24 maxlen: 24
210.48.151.0/24 maxlen: 24
210.48.155.0/24 maxlen: 24
2404:b8::/32 maxlen: 32
2404:b8::/48 maxlen: 48
2404:b8:0:1::/64 maxlen: 64
2404:b8:1::/48 maxlen: 48
2404:b8:3::/48 maxlen: 48
2404:b8:20::/43 maxlen: 43
2404:b8:2000::/44 maxlen: 44
2404:b8:2020::/43 maxlen: 43
Validation: Failed, certificate revoked on Mon 14 Oct 2024 02:10:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2963 (0xb93)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911CA78/serialNumber=40562C143A29CB19C70FFC9B99B60BBECD1D73B6
Validity
Not Before: Jun 30 12:28:08 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=66814f58-2adb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:e3:e8:8f:a0:52:23:67:a0:9a:ff:8b:54:d8:
79:89:2a:69:d8:de:8d:a8:1d:c7:18:57:ea:95:ca:
92:7d:b8:fd:82:f2:db:3a:e1:b9:a1:85:24:03:bd:
29:a7:69:ab:ee:f6:5b:70:cc:ac:64:bf:a4:ca:a6:
03:ac:d3:2a:a7:be:14:67:cd:4f:af:22:2d:d4:8c:
c2:b9:3f:50:04:79:b3:af:1f:f7:7c:89:2f:17:a9:
e9:40:7d:af:30:f1:86:eb:41:4a:ae:c3:22:28:8f:
c0:7c:32:3f:59:09:f3:da:98:36:1a:39:82:dc:21:
37:b7:57:0c:59:24:3c:dd:8e:4c:ff:76:27:51:3e:
e8:cd:91:c5:13:bf:3b:52:8a:90:35:4c:db:7f:f6:
0e:76:f9:35:cc:28:9f:9a:b9:d0:12:e4:55:79:ee:
b5:20:60:82:18:c4:ba:b9:06:28:d1:4c:1d:29:17:
84:2b:e0:3b:b5:e4:5b:51:d2:b9:00:24:58:41:db:
e4:59:f4:70:0f:10:76:53:63:e9:15:2e:ff:da:c0:
c6:8f:84:2d:96:be:66:58:47:d4:b8:e6:22:05:01:
31:ba:6a:18:46:2c:b6:49:96:53:1a:a0:5a:0f:d3:
98:60:b4:1b:46:c2:c4:ea:1c:52:2e:3f:af:62:18:
6d:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:AC:E2:02:CE:7E:53:36:16:97:91:AD:B4:FD:C3:73:73:76:C1:BC
X509v3 Authority Key Identifier:
keyid:40:56:2C:14:3A:29:CB:19:C7:0F:FC:9B:99:B6:0B:BE:CD:1D:73:B6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/QFYsFDopyxnHD_ybmbYLvs0dc7Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/0DFAC04CFBD111EE98310A1FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.236.192.0/22
49.236.197.0/24
49.236.199.0/24
49.236.203.0-49.236.204.255
112.137.160.0-112.137.162.255
112.137.169.0-112.137.170.255
112.137.172.0/23
112.137.175.0/24
119.110.97.0/24
119.110.99.0/24
119.110.102.0/24
119.110.107.0-119.110.108.255
124.197.224.0/20
202.75.45.0/24
202.162.0.0/19
202.165.0.0/19
203.153.80.0/20
210.48.144.0/20
IPv6:
2404:b8::/32
Signature Algorithm: sha256WithRSAEncryption
2f:80:a0:be:a7:ed:23:23:a1:60:49:70:9e:c1:47:05:70:13:
e7:1d:25:a4:71:22:08:91:0a:eb:c3:73:85:62:6d:6b:57:fc:
d6:04:4b:2f:7c:0c:7b:ca:14:ab:eb:3a:61:35:65:7e:83:b6:
79:be:6c:cf:db:97:0d:81:8f:df:13:ee:eb:03:c6:92:c2:fe:
86:80:82:48:63:2d:b8:8f:22:87:7d:c6:fa:6a:15:23:97:69:
31:4d:12:b7:9f:81:e2:5c:9a:c6:9e:f9:a2:f7:ed:63:99:06:
f6:c5:6f:3f:17:c2:27:e9:4f:83:8a:67:be:e5:99:f2:27:8f:
b5:4e:79:3e:e0:2b:cf:87:71:dc:d7:e5:81:9e:d7:4d:1c:7a:
09:3c:4c:02:65:cf:22:bb:b9:c8:29:3a:5f:ac:12:8c:bf:53:
0c:35:ba:f1:c0:b2:fd:6f:d8:a9:38:44:42:68:98:91:14:c6:
84:a2:5f:88:da:d7:86:dc:58:fc:3f:23:8f:6a:b7:74:5c:6f:
ae:0a:ce:5b:ce:0e:e3:45:51:d2:67:7d:53:1b:d8:c0:3c:16:
5d:bf:9f:65:02:0c:4c:54:3b:1f:e8:f6:b5:0b:00:cc:ca:24:
98:ef:3d:b0:04:88:aa:ba:e2:76:d3:f2:98:26:df:c6:c2:00:
57:ce:5d:4c
-----BEGIN CERTIFICATE-----
MIIGCzCCBPOgAwIBAgICC5MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUNBNzgxMTAvBgNVBAUTKDQwNTYyQzE0M0EyOUNCMTlDNzBGRkM5Qjk5QjYwQkJF
Q0QxRDczQjYwHhcNMjQwNjMwMTIyODA4WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjgxNGY1OC0yYWRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxOPoj6BSI2egmv+LVNh5iSpp2N6NqB3HGFfqlcqSfbj9gvLbOuG5oYUkA70p
p2mr7vZbcMysZL+kyqYDrNMqp74UZ81PryIt1IzCuT9QBHmzrx/3fIkvF6npQH2v
MPGG60FKrsMiKI/AfDI/WQnz2pg2GjmC3CE3t1cMWSQ83Y5M/3YnUT7ozZHFE787
UoqQNUzbf/YOdvk1zCifmrnQEuRVee61IGCCGMS6uQYo0UwdKReEK+A7teRbUdK5
ACRYQdvkWfRwDxB2U2PpFS7/2sDGj4Qtlr5mWEfUuOYiBQExumoYRiy2SZZTGqBa
D9OYYLQbRsLE6hxSLj+vYhhthQIDAQABo4IDLzCCAyswHQYDVR0OBBYEFJas4gLO
flM2FpeRrbT9w3NzdsG8MB8GA1UdIwQYMBaAFEBWLBQ6KcsZxw/8m5m2C77NHXO2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQ0E3OC9CRTg4NDZEMjM1
RDgxMUVBQTczMEVDNDZDNEY5QUUwMi9RRllzRkRvcHl4bkhEX3libWJZTHZzMGRj
N1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FGWXNGRG9weXhuSERfeWJtYllMdnMwZGM3WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUNBNzgvQkU4ODQ2RDIzNUQ4MTFFQUE3MzBFQzQ2QzRGOUFFMDIvMERGQUMwNENG
QkQxMTFFRTk4MzEwQTFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbgGCCsGAQUFBwEHAQH/
BIGoMIGlMIGTBAIAATCBjAMEAjHswAMEADHsxQMEADHsxzAMAwQAMezLAwQAMezM
MAwDBAVwiaADBABwiaIwDAMEAHCJqQMEAHCJqgMEAXCJrAMEAHCJrwMEAHduYQME
AHduYwMEAHduZjAMAwQAd25rAwQAd25sAwQEfMXgAwQAykstAwQFyqIAAwQFyqUA
AwQEy5lQAwQE0jCQMA0EAgACMAcDBQAkBAC4MA0GCSqGSIb3DQEBCwUAA4IBAQAv
gKC+p+0jI6FgSXCewUcFcBPnHSWkcSIIkQrrw3OFYm1rV/zWBEsvfAx7yhSr6zph
NWV+g7Z5vmzP25cNgY/fE+7rA8aSwv6GgIJIYy24jyKHfcb6ahUjl2kxTRK3n4Hi
XJrGnvmi9+1jmQb2xW8/F8In6U+Dime+5ZnyJ4+1Tnk+4CvPh3Hc1+WBntdNHHoJ
PEwCZc8iu7nIKTpfrBKMv1MMNbrxwLL9b9ipOERCaJiRFMaEol+I2teG3Fj8PyOP
ard0XG+uCs5bzg7jRVHSZ31TG9jAPBZdv59lAgxMVDsf6Pa1CwDMyiSY7z2wBIiq
uuJ20/KYJt/GwgBXzl1M
-----END CERTIFICATE-----
Generated at Mon Oct 14 03:56:28 2024 by rpki-client on console-fra.rpki-client.org